packages/net/openssh/files/sshd.failsafe

#!/bin/sh

failsafe_sshd () {

	# if dropbear is executable it can handle failsafe
	[ -x /usr/sbin/dropbear ] && return

	sshd_tmpdir=/tmp/sshd
	mkdir $sshd_tmpdir

	sed -i 's/^root:.*/root::0:17000:::::/g' /etc/shadow

	for type in ed25519; do
		key=$sshd_tmpdir/ssh_host_${type}_key
		ssh-keygen -N '' -t ${type} -f ${key}
	done

	mkdir -m 0700 -p /var/empty

	cat > $sshd_tmpdir/sshd_config <<EOF
HostKey $sshd_tmpdir/ssh_host_ed25519_key
PermitRootLogin	yes
PermitEmptyPasswords yes
EOF

	/usr/sbin/sshd -f $sshd_tmpdir/sshd_config -E $sshd_tmpdir/sshd.log

}

boot_hook_add failsafe failsafe_sshd
openssh: add openwrt failsafe support Adds failsafe support to the openssh package. Roughly based on an earlier patch. Ref: https://github.com/openwrt/openwrt/pull/865 Signed-off-by: Jeff Kletsky <git-commits@allycomm.com> Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me> 2019-11-11 12:10:45 +00:00			`#!/bin/sh`

			`failsafe_sshd () {`

			`# if dropbear is executable it can handle failsafe`
			`[ -x /usr/sbin/dropbear ] && return`

			`sshd_tmpdir=/tmp/sshd`
			`mkdir $sshd_tmpdir`

			`sed -i 's/^root:.*/root::0:17000:::::/g' /etc/shadow`

			`for type in ed25519; do`
			`key=$sshd_tmpdir/ssh_host_${type}_key`
			`ssh-keygen -N '' -t ${type} -f ${key}`
			`done`

			`mkdir -m 0700 -p /var/empty`

			`cat > $sshd_tmpdir/sshd_config <<EOF`
			`HostKey $sshd_tmpdir/ssh_host_ed25519_key`
			`PermitRootLogin yes`
			`PermitEmptyPasswords yes`
			`EOF`

			`/usr/sbin/sshd -f $sshd_tmpdir/sshd_config -E $sshd_tmpdir/sshd.log`

			`}`

			`boot_hook_add failsafe failsafe_sshd`